The DNC’s Evolving Story about When They Knew They Were Targeted by Russia

This week’s front page story about the Democrats getting hacked by Russia starts with a Keystone Kops anecdote explaining why the DNC didn’t respond more aggressively when FBI first warned them about being targeted in September. The explanation, per the contractor presumably covering his rear-end months later, was that the FBI Special Agent didn’t adequately identify himself.

When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

His message was brief, if alarming. At least one computer system belonging to the D.N.C. had been compromised by hackers federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

The F.B.I. knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.

This has led to (partially justified) complaints from John Podesta about why the FBI didn’t make the effort of driving over to the DNC to warn the higher-ups (who, the article admitted, had decided not to spend much money on cybersecurity).

This NYT version of the FBI Agent story comes from a memo that DNC’s contractor, Yared Tamene, wrote at some point after the fact. The NYT describes the memo repeatedly, though it never describes the recipients of the memo nor reveals precisely when it was written (it is clear it had to have been written after April 2016).

“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the F.B.I.

[snip]

“The F.B.I. thinks the D.N.C. has at least one compromised computer on its network and the F.B.I. wanted to know if the D.N.C. is aware, and if so, what the D.N.C. is doing about it,” Mr. Tamene wrote in an internal memo about his contacts with the F.B.I. He added that “the Special Agent told me to look for a specific type of malware dubbed ‘Dukes’ by the U.S. intelligence community and in cybersecurity circles.”

[snip]

In November, Special Agent Hawkins called with more ominous news. A D.N.C. computer was “calling home, where home meant Russia,” Mr. Tamene’s memo says, referring to software sending information to Moscow. “SA Hawkins added that the F.B.I. thinks that this calling home behavior could be the result of a state-sponsored attack.”

[DNC technology director Andrew] Brown knew that Mr. Tamene, who declined to comment, was fielding calls from the F.B.I. But he was tied up on a different problem: evidence suggesting that the campaign of Senator Bernie Sanders of Vermont, Mrs. Clinton’s main Democratic opponent, had improperly gained access to her campaign data.

[snip]

One bit of progress had finally been made by the middle of April: The D.N.C., seven months after it had first been warned, finally installed a “robust set of monitoring tools,” Mr. Tamene’s internal memo says. [my emphasis]

The NYT includes a screen cap of part of that memo (which reveals that the DNC had already been exposed to ransomware attacks by September 2015), but not the other metadata or a link to the full memo.

One reason I raise all this is because the evidence laid out in the story contradicts, in several ways, this August report, relying on three anonymous sources (at least some of whom are probably members of Congress, but then so was the DNC Chair at the time).

The FBI did not tell the Democratic National Committee that U.S. officials suspected it was the target of a Russian government-backed cyber attack when agents first contacted the party last fall, three people with knowledge of the discussions told Reuters.

And in months of follow-up conversations about the DNC’s network security, the FBI did not warn party officials that the attack was being investigated as Russian espionage, the sources said.

The lack of full disclosure by the FBI prevented DNC staffers from taking steps that could have reduced the number of confidential emails and documents stolen, one of the sources said. Instead, Russian hackers whom security experts believe are affiliated with the Russian government continued to have access to Democratic Party computers for months during a crucial phase in the U.S. presidential campaign, the source said.

[snip]

In its initial contact with the DNC last fall, the FBI instructed DNC personnel to look for signs of unusual activity on the group’s computer network, one person familiar with the matter said. DNC staff examined their logs and files without finding anything suspicious, that person said.

When DNC staffers requested further information from the FBI to help them track the incursion, they said the agency declined to provide it. In the months that followed, FBI officials spoke with DNC staffers on several other occasions but did not mention the suspicion of Russian involvement in an attack, sources said.

The DNC’s information technology team did not realize the seriousness of the incursion until late March, the sources said. It was unclear what prompted the IT team’s realization.

In August, anonymous sources told Reuters that FBI never told DNC they were being attacked by Russians until … well, Reuters doesn’t actually tell us when the FBI told DNC the Russians were behind the attack, just that Democrats started taking it seriously in March.

But in the pre-Trump Russian hack bonanza, the NYT has now revealed that an internal memo says that the DNC had been informed in November, not March.

And even that part of the explanation doesn’t make sense. As a number of people have noted, Brown is basically saying he didn’t respond to a warning — given in November — that a DNC server was calling home to Russia because he was dealing with an NGP-VAN breach that happened on December 18. He would have had over two weeks to respond to Russia hacking the DNC before the NGP-VAN issue, and that would have been significantly handled by NGP.

Moreover, even the September narrative invites some skepticism. Tamene admits the FBI Special Agent “told me to look for a specific type of malware dubbed ‘Dukes’ by the U.S. intelligence community and in cybersecurity circles.” And the NYT describes how “[h]is first moves were to check Google for ‘the Dukes’ and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion.” Had Tamene Googled for “dukes malware” any time after September 17, 2015, this is what he would have found.

Today we release a new whitepaper on an APT group commonly referred to as “the Dukes”. We believe that the Dukes are a well-resourced, highly dedicated, and organized cyber-espionage group that has been working for the Russian government since at least 2008 to collect intelligence in support of foreign and security policy decision-making. [my emphasis]

So had this initial report taken place after September 17, Tamene would have learned, thanks to the second sentence of a top Google return, that he was facing a “highly dedicated, and organized cyber-espionage group that has been working for the Russian government.” Had he done the Google search he said he did, that is, he would almost certainly have learned he was facing down Russian hackers.

Had he clicked through to the report — which is where he would have gone to find the malware signatures to look for — he would have seen a big pink graphic tying the Dukes to Russia.

It’s certainly possible the alert came before the white paper was released (though if it came after, it explains why the FBI would have thought simply mentioning the Dukes would be sufficient). But that would suggest Tamene remembered the call and his Google search for the Dukes in detail sometime in April but not in September when this report got a fair amount of attention.

None of this is to excuse the FBI (I’ve already started a post on that part of this). But it’s clear that Democrats have been — at a minimum — inconsistent in their story to the press about why they didn’t respond to warnings sooner. And given the multiple problems with their explanation about what happened last fall, it’s likely they did get some warning, but just didn’t heed it.

Update: When I wrote this this morning, I had read this tweet stream and this story but not the underlying Shadow Brokers-related post they relate to, by someone writing under the pseudonym Boceffus Cleetus, which is basically a Medium post introducing the latest sale of Shadow Brokers tools. It wasn’t until I read this post, and then the second Boceffus Cleetus post, that I realized Boceffus Cleetus posted (his) original post — along with a reference to the name magnified back when this hack started — the day after the NYT wrote a story of the hack from DNC’s perspective.

As the tweet stream lays out, Boceffus Cleetus is a play on ventriloquism (duh, speaking for others) and the Dukes of Hazzard. Both analyses of this argue that the reference to “Dukes of Hazzard” is, in turn, a reference to the name F-Secure had given the FSB hacking efforts (the other name I’ve used is “Cozy Bear”), most notably in the report I linked above. I didn’t make too much of it until I read this second Boceffus Cleetus post, which in seemingly one sentence lays out Bill Binney’s theory of the DNC hack (that is, that NSA handed it on) with a country drawl and a lot of conspiracy theory added.

After my shadow brokers tweet I was contacted by an anonymous source claiming to be FBI. Yep I know prove it? I wasn’t able to get’em to verify their identity. But y’all don’t be runnin away yet, suspend yer disbelief and check out their claims. What if the Russian’s ain’t hacking nothin? What if the shadow brokers ain’t Russian? Whatcha got as the next best theory? What if its a deep state civil war tween CIA and ole NSA? A deep state civil war to see who really runs things. NSA is Department of Defense, military. The majority of the military are high school grads, coming from rural “Red States”, conservatives. The NSA has the global surveillance capabilities to intercept all the DNC and Podesta emails. CIA is college grads only and has the traditions of the urban yankee northeastern and east coast ivy leaguers, “Blue State”, liberals.

It’s all mostly gratuitous — an attempt to feed (as explicitly named “fake news”) some of the alternate explanations out there right now.

But I find the portrayal of an NSA-CIA feud notable, in part, because the most likely reason FBI (which is where Boceffus Cleetus’ fictional source came from) didn’t tell the DNC who was hacking them back in September 2015 is because the actual tip — that Russia was hacking the DNC — came from the NSA. But FBI had to hide that. So instead, they used the name for FSB that was current at the time.

I’ll add, too, that this plays on Craig Murray’s claim that a national security person leaked him the Podesta documents.

So what’s the point? Dunno. I defer to theGrugq’s third post, in which he argues this post is signaling to show NSA the Russian hackers must have access to NSA’s classified networks, because they’ve accessed a map of everything.

This dump has a bit of everything. In fact, it has too much of everything. The first drop was a firewall ops kit. It had everything that was supposed to be used against firewalls. This dump, on the other hand, has too much diversity and each tool is comprehensive.

The depth and breadth of the tooling they reveal can only possibly be explained by:

  1. an improbable sequence of hack backs which got, in sequence, massive depth of codenamed implants, exploits, manuals,
  2. access to high side data

[snip]

It is obvious that this data would never leave NSA classified networks except by some serious operator error (as I believe was the case with the first ShadowBrokers leak.) For this dump though, it is simply not plausible. There is no way that such diverse and comprehensive ops tooling was accidentally exposed. It beggars belief to think that any operator could be so careless that they’d expose this much tooling, on multiple diverse operations.

There are, based on my count, twenty one (21) scripts/manuals for operations contained in this dump. They cover too many operations for a mistake, and they are too comprehensive for a mistake.

Remember, Obama has been stating assuredly that the US has far more defensive and offensive capability than Russia. The latter might well be true. But the latter is nuts, if for no other reason than we have so much more to secure. The former might be true. But not if hackers can log into NSA’s fridge and steal their beer.

I’m not entirely sure what to make of this. But against the background of increasing dick-wagging, it’ll be interesting to see how it plays out.

Unpacking the New CIA Leak: Don’t Ignore the Aluminum Tube Footnote

This post will unpack the leak from the CIA published in the WaPo tonight.

Before I start with the substance of the story, consider this background. First, if Trump comes into office on the current trajectory, the US will let Russia help Bashar al-Assad stay in power, thwarting a 4-year effort on the part of the Saudis to remove him from power. It will also restructure the hierarchy of horrible human rights abusing allies the US has, with the Saudis losing out to other human rights abusers, potentially up to and including that other petrostate, Russia. It will also install a ton of people with ties to the US oil industry in the cabinet, meaning the US will effectively subsidize oil production in this country, which will have the perhaps inadvertent result of ensuring the US remains oil-independent even though the market can’t justify fracking right now.

The CIA is institutionally quite close with the Saudis right now, and has been in charge of their covert war against Assad.

This story came 24 days after the White House released an anonymous statement asserting, among other things, “the Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day,” suggesting that the Russians may have been deterred.

This story was leaked within hours of the time the White House announced it was calling for an all-intelligence community review of the Russia intelligence, offered without much detail. Indeed, this story was leaked and published as an update to that story.

Which is to say, the CIA and/or people in Congress (this story seems primarily to come from Democratic Senators) leaked this, apparently in response to President Obama’s not terribly urgent call to have all intelligence agencies weigh in on the subject of Russian influence, after weeks of Democrats pressuring him to release more information. It was designed to both make the White House-ordered review more urgent and influence the outcome.

So here’s what that story says.

In September, the spooks briefed “congressional leaders” (which for a variety of reasons I wildarseguess is either a Gang of Four briefing including Paul Ryan, Nancy Pelosi, Mitch McConnell, and Harry Reid or a briefing to SSCI plus McConnell, Reid, Jack Reed, and John McCain). Apparently, the substance of the briefing was that Russia’s intent in hacking Democratic entities was not to increase distrust of institutions, but instead to elect Trump.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

The difference between this story and other public assessments is that it seems to identify the people — who sound like people with ties to the Russian government but not necessarily part of it — who funneled documents from Russia’s GRU to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees.

This is the part that has always been missing in the past: how the documents got from GRU, which hacked the DNC and John Podesta, to Wikileaks, which released them. It appears that CIA now thinks they know the answer: some people one step removed from the Russian government, funneling the documents from GRU hackers (presumably) to Wikileaks to be leaked, with the intent of electing Trump.

Not everyone buys this story. Mitch McConnell doesn’t buy the intelligence.

In September, during a secret briefing for congressional leaders, Senate Republican Leader Mitch McConnell (Ky.) voiced doubts about the veracity of the intelligence, according to officials present.

That’s one doubt raised about CIA’s claim — though like you all, I assume Mitch McConnell shouldn’t be trusted on this front.

But McConnell wasn’t the only one. One source for this story — which sounds like someone like Harry Reid or Dianne Feinstein — claimed that this CIA judgment is the “consensus” view of all the intelligence agencies, a term of art.

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

Except that in a briefing this week (which may have been what impressed John McCain and Lindsey Graham to do their own investigation), that’s not what this represented.

The CIA shared its latest assessment with key senators in a closed-door briefing on Capitol Hill last week, in which agency officials cited a growing body of intelligence from multiple sources. Agency briefers told the senators it was now “quite clear” that electing Trump was Russia’s goal, according to the officials, who spoke on the condition of anonymity to discuss intelligence matters.

The CIA presentation to senators about Russia’s intentions fell short of a formal U.S. assessment produced by all 17 intelligence agencies. A senior U.S. official said there were minor disagreements among intelligence officials about the agency’s assessment, in part because some questions remain unanswered. [my emphasis]

That’s a conflict. Some senior US official (often code for senior member of Congress) says this is the consensus view. Another senior US official (or maybe the very same one) says there are “minor disagreements.”

Remember: we went to war against Iraq, which turned out to have no WMD, in part because no one read the “minor disagreements” from a few agencies about some aluminum tubes. A number of Senators who didn’t read that footnote closely (and at least one that did) are involved in this story. What we’re being told is there are some aluminum tube type disagreements.

Let’s hear about those disagreements this time, shall we?

Here’s the big takeaway. The language “a formal US assessment produced by all 17 intelligence agencies” is, like “a consensus view,” a term of art. It’s an opportunity for agencies which may have differing theories of what happened here to submit their footnotes.

That may be what Obama called for today: the formal assessment from all agencies (though admittedly, the White House purposely left the scope and intent of it vague).

Whatever that review is intended to be, what happened as soon as Obama announced it is that the CIA and/or Democratic Senators started leaking their conclusion. That’s what this story is.

Update: One other really critical detail. When the White House announced the Obama review today, Wikileaks made what was a bizarre statement. Linking to a CNN story on the Obama ordered review that erred on the side of blaming Russia for everything, it said, “CNN: Obama orders report into WikiLeaks timed for release just prior to Trump presidency.” Even though none of the statements on the review focused on what this story does — that is, on the way that the DNC and Podesta emails got to Wikileaks — Wikileaks nevertheless interpreted it as an inquiry targeted at it.

Update: And now David Sanger (whose story on the Obama-ordered review was particularly bad) and Scott Shane reveal the RNC also got hacked, and it is the differential leaking that leads the spooks to believe the Russians wanted Trump to win.

They based that conclusion, in part, on another finding — which they say was also reached with high confidence — that the Russians hacked the Republican National Committee’s computer systems in addition to their attacks on Democratic organizations, but did not release whatever information they gleaned from the Republican networks.

In the months before the election, it was largely documents from Democratic Party systems that were leaked to the public.

This may be a fair assessment. But you would have to account for two things before making it. First, you’d need to know the timing and hacker behind the RNC hack. That’s because two entities are believed to have hacked the DNC: an FSB-appearing hacking group, and a GRU one. The FSB is not believed to have leaked. GRU is believed to have. So if the FSB hacked the RNC but didn’t leak it, it would be completely consistent with what FSB did with DNC.

NYT now says the RNC hack was by GRU in the spring, so it is a fair question why the DNC things got leaked but RNC did not.

Also, Sanger and Shane say “largely documents” from Dems were leaked. That’s false. There were two streams of non-Wikileaks releases, Guccifer, which did leak all-Dem stuff, and DC Leaks, which leaked stuff that might be better qualified as Ukrainian related. The most publicized of documents from the latter were from Colin Powell, which didn’t help Trump at all.

Update: It’s clear that Harry Reid (who of course is retiring and so can leak speech and debate protected classified information without worrying he’ll be shut off in the future) is one key driver of this story. Last night he was saying, “I was right. Comey was wrong. I hope he can look in the mirror and see what he did to this country.” This morning he is on the TV saying he believes Comey had information on this before the election.

Update, 12/10: This follow-up from WaPo is instructive, as it compares what CIA briefed the Senate Intelligence Committee about the current state of evidence with what FBI briefed the House Intelligence Committee about the current state of evidence. While the focus is on different Republican and Democratic understandings of both, the story also makes it clear that FBI definitely doesn’t back what WaPo’s sources from yesterday said was a consensus view.

The Game of Telephone about the Election Hacking Review

This morning, the White House announced that Obama has ordered a review of election-related hacking, to be completed before Donald Trump takes over. I want to capture the varying descriptions of what the review will entail.

Politico: The review will look at the hacks blamed on the Russians this year and malicious cyber activity (publicly understood to be China in 2008 and someone else in 2012) going back to 2008

The review will put the spate of hacks — which officials have blamed on Russia — “in a greater context” by framing them against the “malicious cyber activity” that may have occurred around the edges of the 2008 and 2012 president elections, said White House principal deputy press secretary Eric Schultz at a briefing.

“This will be a review that is broad and deep at the same time,” he added.

[snip]

In 2008, the campaigns for both Sen. John McCain (R-Ariz.) and Obama were bombarded by suspected Chinese hackers, according to U.S. intelligence officials. The digital intruders were reportedly after internal policy papers and the emails of top advisers.

And in 2012, Gawker reported that hackers had broken into Republican presidential candidate Mitt Romney’s personal Hotmail account after correctly answering his backup security question: “What is your favorite pet?”

“We will be looking at all foreign actors and any attempt to interfere with the elections,” Schultz said.

WaPo: The review will be a “full review” of Russian hacking during the November election

President Obama has ordered a “full review” of Russian hacking during the November election, as pressure from Congress has grown for greater public understanding of exactly what Moscow did to interfere in the electoral process.

[snip]

U.S. intelligence and law enforcement agencies had already been probing what they see as a broad covert Russian operation to sow distrust in the presidential election process. It was their briefings of senior lawmakers that led a number of them to press for more information to be made public.

[snip]

Though Russia has long conducted cyberspying on U.S. agencies, companies and organizations, this presidential campaign marks the first time Russia has attempted through cyber means to interfere in, if not actively influence, the outcome of an election, the officials said.

CNN: The review will look at “hacking by the Russians aimed at influencing US elections going back to 2008” (CNN notes that the IC “never said there was strong evidence that [hacks of voter registration systems were] tied to the Russian government”)

President Barack Obama has ordered a full review into hacking by the Russians aimed at influencing US elections going back to 2008, the White House said Friday.

“The President has directed the Intelligence Community to conduct a full review of what happened during the 2016 election process. It is to capture lessons learned from that and to report to a range of stakeholders,” White House Homeland Security and Counterterrorism Adviser Lisa Monaco said at a Christian Science Monitor breakfast with reporters Friday. “This is consistent with the work that we did over the summer to engage Congress on the threats that we were seeing.”

White House spokesman Eric Schultz added later that the review would encompass malicious cyber activity related to US elections going back to 2008. [my emphasis]

Wikileaks (relying on the CNN story): The review will look at Wikileaks

CNN: Obama orders report into WikiLeaks timed for release just prior to Trump presidency

NYT: The review will look at all Russian efforts to influence the 2016 election, including publishing email contents and probing the “vote-counting system” (presumably a reference to voter lists that have nothing to do with vote counting)

President Obama has ordered American intelligence agencies to produce a full report on Russian efforts to influence the 2016 presidential election, his homeland security adviser said on Friday. He also directed them to develop a list of “lessons learned” from the broad campaign the United States has accused Russia of carrying out to steal emails, publish their contents and probe the vote-counting system.

CYBERCOM versus NSA: On Fighting Isis or Spying on Them

I keep thinking back to this story, in which people in the immediate vicinity of Ash Carter and James Clapper told Ellen Nakashima that they had wanted to fire Admiral Mike Rogers, the dual hatted head of CyberCommand and NSA, in October. The sexy reason given for firing Rogers — one apparently driven by Clapper — is that NSA continued to leak critical documents after Rogers was brought in in the wake of the Snowden leaks.

But further down in the story, a description of why Carter wanted him fired appears. Carter’s angry because Rogers’ offensive hackers had not, up until around the period he recommended to Obama Rogers be fired, succeeded in sabotaging ISIS’ networks.

Rogers has not impressed Carter with his handling of U.S. Cyber Command’s cyberoffensive against the Islamic State. Over the past year or so, the command’s operations against the terrorist group’s networks in Syria and Iraq have not borne much fruit, officials said. In the past month, military hackers have been successful at disrupting some Islamic State networks, but it was the first time they had done that, the officials said.

Nakashima presents this in the context of the decision to split CYBERCOM from NSA and — click through to read that part further down in the piece — with Rogers’ decision to merge NSA’s Information Assurance Directorate (its defensive wing) with the offensive spying unit.

The expectation had been that Rogers would be replaced before the Nov. 8 election, but as part of an announcement about the change in leadership structure at the NSA and Cyber Command, a second administration official said.

“It was going to be part of a full package,” the official said. “The idea was not for any kind of public firing.” In any case, Rogers’s term at the NSA and Cyber Command is due to end in the spring, officials said.

The president would then appoint an acting NSA director, enabling his successor to nominate their own person. But a key lawmaker, Sen. John McCain (R-Ariz.), the chairman of the Senate Armed Services Committee, threatened to block any such nominee if the White House proceeded with the plan to split the leadership at the NSA and Cyber Command.

I was always in favor of splitting these entities — CYBERCOM, NSA, and IAD — into three, because I believed that was one of the only ways we’d get a robust defense. Until then, everything will be subordinated to offensive interests. But Nakashima’s article focuses on the other split, CYBERCOM and NSA, describing them as fundamentally different missions.

The rationale for splitting what is called the “dual-hat” arrangement is that the agencies’ missions are fundamentally different, that the nation’s cyberspies and military hackers should not be competing to use the same networks, and that the job of leading both organizations is too big for one person.

They are separate missions: CYBERCOM’s job is to sabotage things, NSA’s job is to collect information. That is made clear by the example that apparently irks Carter: CYBERCOM wasn’t sabotaging ISIS like he wanted.

It is not explicit here, but the suggestion is that CYBERCOM was not sabotaging ISIS because someone decided it was more important to collect information on it. That sounds like an innocent enough trade-off until you consider CIA’s prioritization for overthrowing Assad over eliminating ISIS, and its long willingness to overlook that its trained fighters were fighting with al Qaeda and sometimes even ISIS. Add in DOD’s abject failure at training their own rebels, such that the job reverted to CIA along with all the questionable loyalties in that agency.

There was a similar debate way back in 2010, when NSA and CIA and GCHQ were fighting about what to do with Inspire magazine: sabotage it (DOD’s preference, based on the understanding it might get people killed), tamper with it (GCHQ’s cupcake recipe), or use it to gather information (almost certainly with the help of NSA, tracking the metadata associated with the magazine). At the time, that was a relatively minor turf battle (though perhaps hinting at a bigger one, betrayed by DOD’s inability to kill Anwar al-Awlaki and CIA’s subsequent success as soon as it had built its own drone targeting base in Saudi Arabia).

This one, however, is bigger. Syria is a clusterfuck, and different people in different corners of the government have different priorities about whether Assad needs to go before we can get rid of ISIS. McCain is clearly on the side of ousting Assad, which may be another reason — beyond just turf battles — why he opposed the CYBERCOM/NSA split.

Add in the quickness with which Devin Nunes, Donald Trump transition team member, accused Nakashima’s sources of leaking classified information. The stuff about Rogers probably wasn’t classified (in any case, Carter and Clapper would have been the original classification authorities on that information). But the fact that we only just moved from collecting intelligence on ISIS to sabotaging them likely is.

CYBERCOM and NSA do have potentially conflicting missions. And it sounds like that was made abundantly clear as Rogers chose to prioritize intelligence gathering on ISIS over doing things that might help to kill them.

The White House Attempts to Unring the Election Integrity Fearmongering

Over the weekend, the White House gave the NYT a statement on the integrity of our elections that deserves more attention. Here it is, in full:

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect. Nevertheless, we stand behind our election results, which accurately reflect the will of the American people.

The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day. As we have noted before, we remained confident in the overall integrity of electoral infrastructure, a confidence that was borne out on election day. As a result, we believe our elections were free and fair from a cybersecurity perspective.

That said, since we do not know if the Russians had planned any malicious cyber activity for election day, we don’t know if they were deterred from further activity by the various warnings the U.S. government conveyed.

As the NYT noted in its introduction to this statement, the person who released this statement (my guess is Ned Price, but that’s just a wildarseguess) would not let him or herself be identified. While this is a long-time habit of the Obama Administration (one that merely exacerbated a Bush habit), consider what it means that a statement intended to increase confidence about our electoral process was issued anonymously.

You’re doing it wrong.

The statement itself highlights the perverse effect of all the fearmongering about Russia hacking our elections.

Let’s start with the last paragraph. “We do not know if the Russians had planned any malicious cyber activity for election day [… or] if they were deterred.” This suggests that at no time before the election did anyone in the White House know of plans to disrupt the election. That’s an important detail, because many sloppy journalists have consistently misread reports of the hacking of voter registration lists (from a Russian hosting service, but by hackers that may not have even been Russians, much less the Russian state) to mean that the Russian state was trying to hack the election itself. While there was one late report that suggests FBI may have gotten more reason to believe these polling list probes were Russian state entities, this statement seems to refute that.

Indeed, the second paragraph seems to back that. “The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day.” The White House, now explicitly speaking for the entire Federal government, says that there was no increased malicious cyber activity aimed at disrupting election day, regardless of the actor. While it’s certainly possible known probes of registration lists continued, according to this statement they didn’t accelerate as the election drew near. This makes it more likely these probes were identity theft related, not Russian state tampering.

If there was no there there to all the claims of Russian hacking our election infrastructure (which is distinct from claims that Russia hacked the DNC and other political organizations, which is something our spooks do as well), then why didn’t the White House stop all the fearmongering about the election infrastructure beyond the joint ODNI/DHS statement that admitted there was no conclusive evidence that was happening?

That’s where this statement starts.

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions … would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect.

They’re not even saying “rais[ing] questions about the integrity of the election” is what “the Kremlin” (“the Kremlin” has served as a very sloppy metonymy throughout this discussion) had in mind. They’re just guessing that the intent existed.

Throughout the discussion of Russian hacking, the entire point of it has been one of the weakest points of the allegations: no one ever provided a credible explanation for how releasing validated copies of real emails could undermine the election. The strongest case I saw made is that the emails provided something that Trump himself, his true-believers, Macedonian teenagers, and Russian propagandists could hang false stories onto; but that’s no different from what happened to official Hillary emails released under FOIA (to say nothing of FBI leaks about same) or actual events like Hillary’s pneumonia. Those people can make lies up about anything and they don’t need Podesta emails to do so. Trump, as Republicans have for decades, turned out to be perfectly capable of raising baseless concerns about election integrity (as he did again last night).

So here, when asked why, after dick-waving about an imminent Russian hack of the election, the White House wasn’t backing a review of the vote, this White House official who wouldn’t go on the record instead effectively said, “Who knows? ‘The Kremlin’ probably figured the damage was done.”

Which brings me to my complaint about the way the Russian hacking has been dealt with — largely fed by a deliberate Hillary effort to emphasize Trump’s Russian ties rather than all his shady dealings generally.

Who is responsible for doubts about the integrity of our election? The hack-and-leakers? Trump? Or the national security officials (who, in this case, won’t even go on the record) making uncertain claims that the Russians intend to undermine confidence in elections? At some point, those pounding the war drums are the ones who are undermining confidence, not the Russian hackers themselves.

And none of those actions take place in a vacuum. Even as both the Russians (allegedly) were undermining faith in our elections and national security types were hyping up concerns that people might lose faith in our elections which likely helped undermine faith in our elections, there were real reasons why Americans shouldn’t have faith in their elections. Consider this line: “As a result, we believe our elections were free and fair from a cybersecurity perspective.” This anonymous person at the White House is asserting there were no hacks of the election. But he or she is not asserting the election was free and fair.

Of course not. That’s because in a number of states — notably, in swing states NC and WI — the Republicans undertook known, documented efforts to ensure the elections weren’t free and fair by making it harder for likely Democratic voters to vote than Republican voters.

Voters — especially students and voters of color normally targeted in suppression efforts — shouldn’t be complacent about the integrity of our elections. Numerous circuit courts have found evidence showing they’re not free and fair. Our elections were not going to be free and fair well before Russian hackers targeted the DNC.

But rather than focusing on the things closer to home that we need to improve, we’re all worried the Russians are coming … to do what decades of Republican efforts have already done.

The Self Serving Jill Stein Recount Scam

Jill Stein, admittedly, always struck me as a bit of a naive and somewhat unhinged candidate. But, Stein was the “Green Party” candidate and, once Bernie Sanders lost, became the go to darling for ill advised voters and activists that were far too willing to wreck the world with Donald Trump than consider the circumstances and vote for an eminently qualified, albeit terribly flawed, candidate in the form of Hillary Clinton. It is hard to argue with anarchist, blow it all up, demagogues when trying to protect a lame, and status quo, candidate. Even when the ultimate opponent is a raging racist, bigoted, misogynistic, female choice hating and torture loving shill like Donald Trump.

So many otherwise Democratic voters went off and voted for Stein and/or Gary Johnson. Did it make the “final difference”? I have no idea, but there is certainly an argument that could be made.

Was it the Jim Comey FBI factor from the stunningly inappropriate rogue actions by the FBI Director putting his self righteous thumb on the electoral scale in both the start of the critical summer elections season and, then, yet again in the last two weeks before the election? It is easy to make that argument, irrespective of any other factor.

Was it that Hillary did not expend personal and campaign time and dime in Wisconsin and other Rust Belt states when she did in a lost, but very much growing, cause venue such as Arizona? Easy case for that argument as well.

The actual data and competent reportage seem to indicate that all of the above were significant factors. It strikes me that is right.

All of the above factors fed into the defeat of Clinton and the election loss by her, if only by the electoral college, at the tiny hands of Trump. So be it. That is what happened under the electoral laws and process (yes, let us not forget the pernicious meddling of Russia and/or Wikileaks, whether they are coupled or not) pertinent to the 2016 US Presidential election. But, like the result or not, that was all pursuant to the Constitution and election laws as are currently extant in the United States. There is not one competent piece of evidence that the actual vote itself was “hacked” or “rigged”. Just none.

Which brings us to the much ballyhooed action of Jill Stein to crowd fund and conduct audits and/or recounts in the key states of Wisconsin, Michigan and Pennsylvania. The second she started her effort, I opined it was an attention grabbing craven play by Stein, and not a legitimate effort with any eye to any substantive results. On a more private forum I intoned:

But that is the thing: It IS bomb throwing, and stupidly so. There is NO evidentiary basis for fraud or mistake that I have seen. The guy who started it, [J. Alex] Halderman himself, admits as much legally when he says he thinks it is most likely poll inaccuracy, not anything nefarious.

I know all the beaten down, especially Clinton diehards, that cannot fathom how she blew this election, want to grasp for something. But it just isn’t there.

I stand by that completely. What Jill Stein is doing is blatant self promotion, list building, reputational repair where it is undeserved, and slush funding for an incoherent Green Party. It is detestable to the extreme. Stein has glommed onto this recount scam as a way to serve herself, she certainly is not serving anything else.

To quote a significant Democratic election law attorney, and longtime friend of this blog, Adam Bonin:

“If there were something to do here, there are a lot of us who would be jumping on it”

Early on the hashtag #AuditTheVote was attached to this chicanery. Here is the problem with that – two out of three of Stein’s target states already “audit the vote” as a regular matter of law without the need for Stein’s self serving injection into the matter. In fact, Stein’s primary target, Wisconsin, has a reasonably robust random audit provision in Wisconsin Revised Statute 7.08(6), which has been generally deemed to require:

The voting system audit procedures consist of two independent processes: an audit conducted by municipalities of reporting units randomly selected by the State Elections Board and an audit of reporting units conducted by the State Elections Board. Number of Reporting Units to Audit: Per the requirements of section 7.08(6), Wis. Stats., each type of electronic voting system in Wisconsin must be audited after the general election to ensure that each system does not exceed the error rate prescribed in the federal voting system guidelines. The State Elections Board will randomly select fifty (50) reporting units across Wisconsin which will be subject to municipal audit, including a minimum of five (5) reporting units for each voting system used in Wisconsin. If fewer than five (5) reporting units for any voting system are selected through the random selection process, then additional reporting units will be randomly selected by voting system until five reporting units per voting system have been selected. If there are fewer than 5 reporting units using a voting system the State Elections Board staff will audit those reporting units if the reporting units are not selected as part of the random draw.

Well, that is actually pretty robust. And all of which would have been, and will be, performed without the preening self interjection of Jill Stein in her first state of concern, Wisconsin.
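The selection procedure quoted above, sketched in Python as an added example (it is not code from this post or from Wisconsin election officials). The voting-system names and unit counts are constructed, and it assumes the top-up units are added to the 50 rather than replacing any of them.

```python
import random
from collections import defaultdict


def select_audit_units(units, total=50, min_per_system=5, rng=None):
    """Pick reporting units for audit following the quoted procedure.

    units: list of (unit_id, voting_system) pairs with unique unit ids.
    Returns (municipal, staff): sets of unit ids for the municipal audit
    and for the audit by State Elections Board staff.
    """
    # An audit draw must not be predictable in advance, so default to the
    # OS entropy source; pass random.Random(seed) only for reproducible tests.
    rng = rng or random.SystemRandom()

    ids = [unit_id for unit_id, _ in units]
    if len(set(ids)) != len(ids):
        raise ValueError("duplicate reporting unit id")

    by_system = defaultdict(list)
    for unit_id, system in units:
        by_system[system].append(unit_id)

    # Step 1: statewide random draw of `total` reporting units.
    municipal = set(rng.sample(ids, min(total, len(ids))))
    staff = set()

    for system in sorted(by_system):
        members = by_system[system]
        undrawn = [u for u in members if u not in municipal]
        drawn = len(members) - len(undrawn)
        if len(members) < min_per_system:
            # Fewer than five units use this system at all: staff audit
            # whichever of them the random draw did not pick.
            staff.update(undrawn)
        elif drawn < min_per_system:
            # Under-represented system: draw additional units from this
            # system only, until it has five in the municipal audit.
            municipal.update(rng.sample(undrawn, min_per_system - drawn))
    return municipal, staff


def coverage(units, municipal, staff):
    """Per system: (units in use, in municipal audit, in staff audit)."""
    counts = defaultdict(lambda: [0, 0, 0])
    for unit_id, system in units:
        counts[system][0] += 1
        counts[system][1] += unit_id in municipal
        counts[system][2] += unit_id in staff
    return {system: tuple(c) for system, c in counts.items()}


def build_sample_units():
    """Constructed data: four hypothetical systems of very different sizes."""
    sizes = {"optical-A": 300, "optical-B": 40, "touchscreen-C": 8, "legacy-D": 3}
    return [(f"{system}-{n:03d}", system)
            for system, n_units in sizes.items()
            for n in range(n_units)]


if __name__ == "__main__":
    sample = build_sample_units()
    picked, by_staff = select_audit_units(sample)
    for system, (n, m, s) in sorted(coverage(sample, picked, by_staff).items()):
        print(f"{system:14s} units={n:3d} municipal={m:2d} staff={s}")
```

The small systems are where the minimums matter: a pure 50-unit draw from this sample would usually pick one or none of the eight `touchscreen-C` units, and the three `legacy-D` units are only guaranteed an audit through the staff rule.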

Just Wisconsin? Nope. Pennsylvania also has an inherent audit provision, though not quite as robust as Wisconsin. The bottom line is, though, there are already “audit the vote” provisions in two out of three of Jill Stein’s targets, even though she declined to say so in her propaganda seeking funding to stay in the spotlight and reconstruct her reputation. In fairness, Michigan has no such automatic audit provision, so there is that.

Next, you need to consider that there is a substantive difference between “audits” of the vote and flat out recounts. Stein has always been about recounts, despite the bogusly applied #AuditTheVote nomenclature applied by Stein and her glommers on. Recounts are expensive, labor intensive, and time consuming. And they are asinine where there is not a single shred of competent evidence to support fraud or mistake that could, even in the remotest possibility, change the outcome in a given state or states.

And, let us be crystal clear here, there is still NO competent evidence whatsoever of fraud, mistake or other irregularity that could change the result. None. And that is the thing, unless there is fraud, mistake or systematic error, recounts can do nothing to legally support a challenge to the election results. A challenge has to stand up in court. It cannot be thin and based upon rote supposition and suspicion. Even if Stein’s folly turns up a minor discrepancy here and there, that will not suffice.

The vote differential, again in Wisconsin for instance, between Clinton and Trump currently stands at 27,259 votes. Yes, that is less than the total of Stein, so despite the wild claim she threw the election that some Clinton supporters have thrown, I will not. Some Stein voters were never going to vote for Clinton; so while Stein’s vanity run deserves ridicule, it does not, in and of itself, “prove” Clinton would have won but for Stein. Close enough for ridicule given that Trump is the result? Sure. But, again that, too, holds for ridicule of Clinton’s own arrogant and detached campaign and the fatally pernicious effects of the completely rogue arbiter of his own justice, James Comey.

So, where does that leave us? With a Norma Desmond like self promoting grifter, dying to redeem her name and stay in some/any spotlight, in the form of Jill Stein. She was a cancer on the election (hey, her dinner with Putin and Mike Flynn was cool though!) that, at a minimum, helped elect Trump, and she is sticking around to create more hell now that said deed is done.

This is absurd. Jill Stein is a grifter and a fraud. And she is playing this opportunity to, first off, list build for herself and the Greens, secondly, resuscitate her and their name, thirdly, stay in the press, and lastly, create an amorphous slush fund to continue those things. Stein is succeeding beyond wildest expectations if your idea of the normal course of business is Donald Trumpian level grifting.

For a woman who raised only $3.5 million during her entire vanity run for President, Stein has now raised nearly $6 million in far less than a week on this scam. That is NOT because Stein has dedicated Green Party followers wanting to bleed yet more money into their candidate after the election; no, it is because desperate Clintonians are seeking some way, any way, to stop Trump. And playing on that desperation is exactly the fraud of Jill Stein.

A common refrain I see is that, “golly, there is no harm, and much good, that can come from confirming the vote”. But that is just more self serving balderdash from the desperate and/or Stein acolytes. In fact, there is great harm that can come from Stein’s shenanigans. Here is Rick Hasen from the Election Law Blog, quoting the Wisconsin Journal Sentinel:

Wisconsin could be at risk of missing a Dec. 13 deadline to certify its 10 electoral votes if clerks can’t complete an expected recount by then.

Hitting the deadline could be particularly tricky if Green Party presidential nominee Jill Stein is able to force the recount to be conducted by hand, Wisconsin’s top election official said.

Stein — who received just 1% of the vote in Wisconsin — has promised to file for a recount by Friday’s 5 p.m. deadline in Wisconsin. She is also planning to ask for recounts in Michigan and Pennsylvania, which have deadlines next week.

A federal “safe harbor” law requires states to complete presidential recounts within 35 days of the election to ensure their electoral votes are counted. This year, that’s Dec. 13.

What is the upshot of this? Easy, Stein’s effort could easily place Wisconsin, in light of the December 13 deadline, at risk of missing the deadline and disenfranchising all voters in Wisconsin. Yes, there are potential repercussions from actions like Stein is taking, especially when there is no known basis or grounds whatsoever evidentiary wise to support them. And that is just Wisconsin. Michigan and Pennsylvania are in even bigger jeopardy thanks to the self serving hubris of Jill Stein, should she actually continue on to file in those states as promised, without any rational basis for challenging the vote therein.

Lastly, while I have been writing the instant post, the attorney for the DNC and Clinton Campaign, Marc E. Elias, has weighed in on Medium with an official take for both himself and, by all appearances, the aforementioned campaign entities. The Reader’s Digest version, by my eyes, is that, while the DNC and Clinton camps are going to join into the Stein effort, they have never seen any basis for it, and are being dragged into a position of noticing their appearance and joinder simply in order to preserve their rights to be involved should Stein’s group go so far off the rails or, in the remotest of all potentialities, find anything. That is not joinder with enthusiasm, it is joinder to protect your legal voice. Trump is now doing the same for similar reasons. I do not blame either Clinton or Trump for doing so, in fact, Stein’s idiocy put both of said parties in that regrettable posture. Don’t cast your eye askew for one second at Elias and the Dems, nor even Trump and the Repubs; Stein and her idiotic self serving publicity play made them do it.

In short, this effort by Jill Stein is nothing more than a self promoting vanity play. If you want to donate to that grift, by all means, go ahead. But don’t blather about how it is going to help democracy or promote fair elections. That is absurd. In fact, just exactly as absurd as Jill Stein’s cynical grift on her current donors who are far different than her few and far between Green donors.

Stein is scamming the dispossessed. That is a Trumpian level fraud.

About that Russian Hacker Story

This story is going viral on social media. The CNN article, dated October 12, describes a compromise of a FL contractor they don’t situate in time.

Federal investigators believe Russian hackers were behind cyberattacks on a contractor for Florida’s election system that may have exposed the personal data of Florida voters, according to US officials briefed on the probe.

The hack of the Florida contractor comes on the heels of hacks in Illinois, in which personal data of tens of thousands of voters may have been stolen, and one in Arizona, in which investigators now believe the data of voters was likely exposed.

Later in the article, CNN makes it clear this is the same hack as described in this earlier ABC reporting, which expands on a story from several days earlier. ABC’s reporting doesn’t date the compromise either. Rather, it explains that FL was one of four states in which hackers had succeeded in compromising data, whereas hackers had scanned voting related systems — tried to hack systems — in half the states.

As ABC News first reported Thursday, hackers have recently tried to infiltrate voter registration systems in nearly half of the states across the country –- a significantly larger cyber-assault than U.S. officials have been willing to concede.

And while officials have publicly admitted Illinois and Arizona had their systems compromised, officials have yet to acknowledge that information related to at least two other states’ voters has also been exposed.

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

And ABC’s source at least claimed that all hackers did was copy voter data.

The voter information was exposed after cyber-operatives gained entry to at least one computer associated with a private company hired to administer voter information, the sources said.

A simple “phishing” scheme –- with a malicious link or attachment sent in an email –- is likely how it all started, one source said.

“The attack was successful only in the sense that they gained access to the database, but they didn’t manipulate any of the voter [information] in the database,” the source said.

So, in spite of what people might think given the fact that the CNN story is going viral right now, it doesn’t refer to a hack in conjunction with the election. It refers to a hack that happened well over a month ago. It refers to a hack that — at least according to people who have an incentive to say so — resulted only in the theft of data, not its alteration.

Both CNN and ABC use language that suggests the Russian government was behind this hack. Here’s CNN:

FBI investigators believe the hacks and attempted intrusions of state election sites were carried out by hackers working for Russian intelligence.

And here’s ABC:

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

But (as CNN points out) the October 7 joint DNI/DHS statement on Russian hacking doesn’t attribute the voting rolls part to the Russian state.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

An earlier DHS one explicitly attributes them to cybercriminals.

(U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

There were known instances of identity thieves hacking voting rolls going back some time, so it is possible that’s all this was about.

We learned recently that FBI Director Comey pointedly did not want to be included on the joint DNI/DHS statement, because it was too close to the election. So it’s possible there was disagreement about that part of it (which might explain the FBI-sourced leak to CNN).

Also note, I believe the known hackers used different methods, including both SQL injection and phishing. If in response to the earlier ones, DHS did a review of voting systems and found a number of phishes using the same methods as GRU, that may explain why FBI would say it was Russian.

In any case, we don’t know what happened, and at least public claims say the hackers didn’t alter any data.

But the CNN story, at least, is not about something that just happened.

Update: Fixed some typos and clarity problems.

Is FBI Still Fluffing Its Encryption Numbers?


Update: I went back to the FBI spox who originally told me that the 13% number cited in August included damaged phones, to clarify whether this more recent one did. It does not. Here’s what he said:

It is true that damaged devices are provided to CART and RCFL for FBI assistance, but the 886 devices in FY16 that the FBI was not able to access (which is the number that GC Baker provided last week), does not include those damaged devices. It includes only those devices for which we encountered a password we were not able to bypass.


“[T]he data on the vast majority of the devices seized in the United States may no longer be accessible to law enforcement even with a court order or search warrant,” FBI Director Jim Comey wrote in a response to a question from Senate Judiciary Committee Chair Chuck Grassley in January. Grassley had asked whether Comey agreed with New York District Attorney Cy Vance’s estimate — made in Senate testimony the previous July — that “when smartphone encryption is fully deployed by Apple and Google, 71% of all mobile devices examined…may be outside the reach of a warrant.”

In Comey’s very next answer, however, he admitted the FBI was still trying to quantify the problem. “FBI is currently working on improving enterprise-wide quantitative data collection to better understand and explain the ‘data at rest’ problem.” Comey and Deputy Attorney General Sally Yates had promised to come up with real data at the July 2015 hearing.

Since that time, FBI has publicly created the impression they had real numbers on encryption.

In a speech at the end of August, Jim Comey claimed that the FBI had been unable to open 650 of the 5,000 devices it got in its forensics centers (remember, the fiscal year starts on October 1).

We believe in the FBI that we need a conversation. If at the end of the day the American people say, “You know what, we’re okay with that portion of the room being dark. We’re okay with”—to use one example—“the FBI, in the first 10 months of this year, getting 5,000 devices from state and local law enforcement and asked for assistance in opening them, and in 650 of those devices being unable to open those devices.” That’s criminals not caught, that’s evidence not found, that’s sentences that are far, far shorter for pedophiles and others because judges can’t see the true scope of their activity.

That left the impression that encryption thwarted the FBI in 13% of all cases.

According to Kevin Bankston, FBI General Counsel just provided an equivalent number at a National Academy of the Sciences working group on encryption (Baker only said these were inaccessible — he did not claim that was because of encryption, though that was the context of the number).

Interesting data point: Baker says over FY 2016, of 6814 mobile devices submitted by fed/state/local to FBI’s [Computer Analysis Response Teams and Regional Computer Forensic Laboratories] for analysis 2095 of them req’d passcodes, defeated passcodes in 1210 cases, unable to (presumably due to crypto?) in 886 (885?) cases.

That reflects the same 13% failure rate.

I asked the FBI in September where they got this number. And at least at that point, the 13% was not a measure of how often encryption thwarted the FBI. A spokesperson told me,

It is a reflection of data on the number of times over the course of each quarter this year that the FBI or one of our law enforcement partners (federal, state, local, or tribal) has sought assistance from FBI digital forensic examiners with respect to accessing data on various mobile devices where the device is locked, data was deleted or encrypted, the hardware was damaged, or there were other challenges with accessing the data. I am not able to break that down by crime type.

In the San Bernardino case, for example, the FBI may not have been able to access 66% of the phones it seized from the culprits (there are actually varying reports on this). But in the end, encryption accounted for none of those phones being inaccessible: physical destruction accounted for all of it.

So unless the FBI, after I asked in early September, went back and recalculated their quarterly numbers (I’ve got a question in to clarify this point), then the FBI is presenting a false claim about encryption.

Monday: A Border Too Far

In this roundup: Turkey, pipelines, and a border not meant to be crossed.

It’s nearly the end of the final Monday of 2016’s General Election campaign season. This shit show is nearly over. Thank every greater power in the universe we made it this far through these cumulative horrors.

Speaking of horrors, this Monday’s movie short is just that — a simple horror film, complete with plenty of bloody gritty gore. Rating on it is mature, not for any adult content but for its violence. The film is about illegal immigrants who want more from life, but it plays with the concepts of alien identity and zombie-ism. Who are the illegals, the aliens, the zombies? What is the nature of the predator and their prey? Does a rational explanation for the existence of the monstrous legitimize the horror they perpetuate in any way?

The logline for this film includes an even shorter tag line: Some borders aren’t meant to be crossed. This is worth meditating on after the horrors we’ve seen this past six months. Immigrants and refugees aren’t the monsters. And women aren’t feeble creatures to be marginalized and counted out.

Should also point out this film’s production team is mostly Latin American. This is the near-future of American storytelling and film. I can’t wait for more.

Tough Turkey
The situation in Turkey is extremely challenging, requiring diplomacy a certain Cheeto-headed candidate is not up to handling and will screw up if he places his own interests ahead of that of the U.S. and the rest of the world.

  • Luxembourg’s foreign minister compares Erdoğan’s purge to Nazi Germany (Deutsche Welle) — Yeah, I can’t argue with this when a political party representing an ethnic minority and a group sharing religious dogma are targeted for removal from jobs, arrest and detention.
  • Op-Ed: Erdoğan targeting critics of all kinds (Guardian) — Yup. Media, judges, teachers, persons of Kurdish heritage or Gulenist religious bent, secularists, you name it. Power consolidation in progress. Democracy, my left foot.
  • HDP boycotts Turkish parliament after the arrest of its leaders (BBC) — Erdoğan claimed the arrested HDP leaders were in cahoots with the PKK, a Kurdish group identified as a terrorist organization. You’ll recall HDP represents much of Turkey’s Kurdish minority. But Erdoğan also said he doesn’t care if the EU calls him a dictator; he said the EU abets terrorism. Sure. Tell the cities of Paris and Brussels that one. Think Erdoğan has been taking notes from Trump.
  • U.S. and Turkish military leaders meet to work out Kurd-led ops against ISIS (Guardian) — Awkward. Turkish military officials were still tetchy about an arrangement in which Kurdish forces would act against ISIS in Raqqa, Syria, about 100 miles east of Aleppo. The People’s Protection Units (YPG) militia — the Kurdish forces — will work in concert with Arab members of Syrian Democratic Forces (SDF) coalition in Raqqa to remove ISIS. Initial blame aimed at the PKK for a car bomb after HDP members were arrested heightened existing tensions between Erdoğan loyalists and the Kurds, though ISIS later took responsibility for the deadly blast. Depending on whose take one reads, the Arab part of SDF will lead the effort versus any Kurdish forces. Turkey attacked YPG forces back in August while YPG and Turkey were both supposed to be routing ISIS.

In the background behind Erdoğan’s moves to consolidate power under the Turkish presidency and the fight to eliminate ISIS from Syria and neighboring territory, there is a struggle for control of oil and gas moving through or by Turkey.

Russia lost considerable revenue after oil prices crashed in 2014. A weak ruble has helped but to replace lost revenue based on oil’s price, Russia has increased output to record levels. Increased supply only reduces price, especially when Saudi Arabia, OPEC producers, and Iran cannot agree upon and implement a production limit. If Russia will not likewise agree to production curbs, oil prices will remain low and Russia’s revenues will continue to flag.

Increasing pipelines for both oil and gas could bolster revenues, however. Russia can literally throttle supply near its end of hydrocarbon pipelines and force buyers in the EU and everywhere in between to pay higher rates — the history of Ukrainian-Russian pipeline disputes demonstrates this strategy. Bypassing Ukraine altogether would help Russia avoid both established rates and conflict there with the west. The opportunities encourage Putin to deal with Erdoğan, renormalizing relations after Turkey shot down a Russian jet last November. Russia and Turkey had met in summer of 2015 to discuss a new gas pipeline; they’ve now met again in August and in October to return to plans for funding the same pipeline.

A previous pipeline ‘war’ between Russia and the west ended in late 2014. This conflict may only have been paused, though. Between Russia’s pressure to sell more hydrocarbons to the EU, threats to pipelines from PKK-attributed terrorism and ISIS warfare near Turkey’s southwestern border, and implications that Erdoğan has been involved in ISIS’ sales of oil to the EU, Erdoğan may be willing to drop pursuit of EU membership to gain more internal control and profit from Russia’s desire for more hydrocarbon revenues. In the middle of all this mess, Erdoğan has expressed a desire to reinstate the death penalty for alleged coup plotters and dissenters — a border too far for EU membership since the death penalty is not permitted by EU law.

This situation requires far more diplomatic skill than certain presidential candidates will be able to muster. Certainly not from a candidate who doesn’t know what Aleppo is, and certainly not from a candidate who thinks he is the only solution to every problem.

Cybery miscellany

That’s it for now. I’ll put up an open thread dedicated to all things election in the morning. Brace yourselves.

NYT Ombud Calls for More Unproven Fearmongering

In an overly dramatic (and in key areas, fluff) piece promising voting related hacks long into the future, David Sanger includes this passage.

The steady drumbeat of allegations of Russian troublemaking — leaks from stolen emails and probes of election-system defenses — has continued through the campaign’s last days. These intrusions, current and former administration officials agree, will embolden other American adversaries, which have been given a vivid demonstration that, when used with some subtlety, their growing digital arsenals can be particularly damaging in the frenzy of a democratic election.

“Most of the biggest stories of this election cycle have had a cyber component to them — or the use of information warfare techniques that the Russians, in particular, honed over decades,” said David Rothkopf, the chief executive and editor of Foreign Policy, who has written two histories of the National Security Council. “From stolen emails, to WikiLeaks, to the hacking of the N.S.A.’s tools, and even the debate about how much of this the Russians are responsible for, it’s dominated in a way that we haven’t seen in any prior election.”

The magnitude of this shift has gone largely unrecognized in the cacophony of a campaign dominated by charges of groping and pay-for-play access.

On a day when results from North Carolina strongly suggest that efforts to suppress the African American vote have thus far worked, the NYT frames a story by arguing that cyber — not racism and voter suppression — accounts for “most of the biggest stories of the election cycle” (the story goes on to include Hillary’s email investigation in with the Russian hacks dealt with in the story).

It does so even while insinuating that the “probes of election-system defenses” are a Russian state-led effort, which the Intelligence Community pointedly did not say. Indeed, a DHS assessment dated September 20 — before that Intelligence Statement — (and publicly posted Saturday) attributes such probes to “cybercriminals and criminal hackers.”

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

Sanger posted his piece, claiming that cyber is the most important part of this election, in the wake of NYT’s ombud, Liz Spayd, posting her own piece judging — partly based off Sanger’s assessment — that the NYT should put someone on the Russian hacking story full time.

[W]hile several reporters have periodically contributed to the coverage, no one was dedicated to it full time. That’s too bad. In my view, The Times should have assembled a strike force and given it a mandate to make this story its top priority.

[snip]

I asked Sanger, a highly knowledgeable and seasoned hand on matters of cyberwarfare, about the challenges in covering information hacks. “American drone strikes and Russians bombing a hospital in Syria are immediate, gripping, tragic human stories,” he said. “A cyberstrike, by nature, is subtle, its effects often hidden for months, its importance usually a mystery. The bigger story here is that a foreign power has inserted itself in the fundamental underpinnings of American democracy using cybertechniques. We’ve never seen that before.”

That sounds like a pretty powerful argument for all-hands-on-deck coverage. After all, Trump’s treatment of women, Clinton’s email servers, the foundations of each candidate — all of it will soon fade out. The cyberwar, on the other hand, is only getting started.

Spayd makes a number of unproven or even false claims in her piece. Not only does she (like Sanger) claim that those probing voter poll sites are Russian (implying they are state hackers), she also implies the Shadow Brokers hack was done by Russia (which may be true but is far from proven).

So was the National Security Agency. Now, hackers are meddling with the voting systems in several states, leaving local officials on high alert.

She asks a question — were the Russians running Trump — that she answers in her own piece.

And most critically, what has it done to try to establish whether Donald Trump was colluding with Russian intelligence, as Clinton suggests?

[snip]

The Times finally weighed in on this question last week, concluding that there is no compelling evidence linking Trump to the hackers. The piece, which ran on A21 and down page on the website, appeared to have been in the works for some time. Yet it was published just seven days before the election, and was unsatisfying in exploring the back story that led to its conclusions.

In a piece that notes there is no evidence the Russians are behind the poll probes, she suggests a Sanger piece suggesting they might have been should have been somewhere more prominent than page A15.

A piece laying out evidence that the Russians may be trying to falsify voting results in state databases ran on A15 and got minimal play digitally.

And she applauds a highly problematic piece claiming Julian Assange and Wikileaks always side with the Russians.

Led by David Sanger, The Times was first to link the Russians to the hacks, to examine the baffling role of Julian Assange and WikiLeaks and to smartly explore the options that the Obama administration could use to retaliate. I have no substantive complaints about the stories The Times has done.

In short, she points to a lot of problematic, hasty fearmongering the NYT has done on this front (as well as the one debunking much of that fearmongering, though she complains that doesn’t offer enough detail). And then says NYT should do more of it.

From the sounds of things, what she really wants is more cloak and dagger on the front pages of the NYT. Even if NYT has to invent a Russian tie to get it there.

Update: Egads.

The NYT just decided to tweet out its crappy Assange only does things Putin likes piece again.
